[exim] Tainted search

Author: Mark Elkins via Exim-users
Date:  
To: exim-users
Subject: [exim] Tainted search
Hi all,

I'm running Exim version 4.96 #2 built 06-Jun-2023. I recently started
to see errors in my logfile of:  "tainted search query is not properly
quoted"

I've got rid of all but one by adding "quote_mysql:" to the search. I'm
stuck on one though...

remote_smtp:
  driver = smtp
  dnssec_request_domains = *
  hosts_try_dane = *
  return_path = ${address:$reply_address}
#  interface = 160.124.208.1 : 2001:42a0:1:208::1 # if required
  # MJE - for now # message_size_limit = ${if > {$max_received_linelength}{998} {1}{0} }
  #dkim_domain = ${lookup mysql {select domain from admin WHERE domain='${quote_mysql:domain:$h_from:}' limit 1}}
  dkim_domain = ${lookup mysql {select domain from admin WHERE domain='${domain:$h_from:}' limit 1}}
  dkim_selector = ${substr_2_4:$tod_zulu}
  dkim_private_key = ${if exists{/etc/exim/dkim/$dkim_domain-$dkim_selector.pem}{/etc/exim/dkim/$dkim_domain-$dkim_selector.pem}{0}}
  dkim_canon=relaxed

This does not work:    domain='${quote_mysql:domain:$h_from:}'

This currently works:   domain='${domain:$h_from:}'   -  but gives the
tainted search error ... but at least the DKIM part works.

I run multiple domains so the code is to pick up the correct
domain-name's DKIM record - etc.

Can someone please give me a simple answer? I don't know the proper
syntax... or even what "${domain:$h_from:}" does... apart from picking
up the domain from the sender's address. Do I add more brackets perhaps?

--

Mark James ELKINS  -  Posix Systems - (South) Africa
mje@??? Tel: +27.826010496
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za
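
The nesting asked about above, as an added example that is not part of the original message: an Exim expansion operator has the form ${<op>:<string>} and takes one string, so "domain" and "quote_mysql" are combined by wrapping one ${...} inside the other. The query and the "admin" table are the poster's own; only the nesting changes.

```exim
# Added example (not from the original post).
#
# Operators are applied innermost first:
#   $h_from:                               the From: header text (tainted)
#   ${domain:$h_from:}                     domain part of that address (still tainted)
#   ${quote_mysql:${domain:$h_from:}}      that domain, escaped for a MySQL string literal

# Form 1 from the message: one ${...} with two operator names.
# quote_mysql's single argument is then the text "domain:" followed by the
# whole From: header, so the WHERE clause never matches a row.
#dkim_domain = ${lookup mysql {select domain from admin WHERE domain='${quote_mysql:domain:$h_from:}' limit 1}}

# Form 2 from the message: the domain is extracted correctly, but the tainted
# header value goes into the SQL text unquoted, which is what the
# "tainted search query is not properly quoted" log line reports.
#dkim_domain = ${lookup mysql {select domain from admin WHERE domain='${domain:$h_from:}' limit 1}}

# Nested form: extract the domain first, then quote the result for MySQL.
dkim_domain = ${lookup mysql {select domain from admin WHERE domain='${quote_mysql:${domain:$h_from:}}' limit 1}}
```

The expansion can be checked without sending mail by running "exim -be" and pasting the inner ${quote_mysql:${domain:...}} expression with a literal address in place of $h_from:.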


